<?php
//=======================================
//###################################
// Kayako Web Solutions
//
// Source Copyright 2001-2004 Kayako Web Solutions
// Unauthorized reproduction is not allowed
// License Number: $%LICENSE%$
// $Author: vshoor $ ($Date: 2006/04/11 20:58:15 $)
// $RCSfile: staff_privatemessages.php,v $ : $Revision: 1.8 $ 
//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
//
//###################################
//=======================================


// Direct-access guard: INSWIFT is not defined in this file, so it is presumably set by
// the script that includes this module -- TODO confirm.
// NOTE(review): trigger_error() with E_USER_ERROR only stops the script when the active
// error handler treats it as fatal; if a custom handler is installed and returns,
// execution continues past this guard. $PHP_SELF is not assigned in this file either,
// so the message may carry an empty path.
if (!defined("INSWIFT")) {
	trigger_error("Unable to process $PHP_SELF", E_USER_ERROR);
}

// Helper libraries; the private-message helpers called below (deletePrivateMessages,
// getPrivateMessage, sendPrivateMessage, ...) are not defined in this file.
require_once ("./modules/core/functions_privatemessages.php");
require_once ("./includes/functions_html.php");
require_once ("./includes/functions_users.php");
// Load the language section for this module.
$template->loadLanguageSection("privatemessages");

// Tell the template which navigation type applies to this module.
$template->assign("navtype", "privatemessages");


/**
* ###############################################
* FUNCTION DECLARATIONS
* ###############################################
*/

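/**
* Callback for inbox private messages
*
* Registered as $options["callback"] for the inbox grid. Fills in the display cells
* (subject link, date, staff names, reply/delete links) for one received message.
*
* @param array $arg $arg[0] is the message row; $arg[1] (the field list) is not used
* @return array the message row with the display cells added
*/
function _privateMessageFields($arg)
{
	global $_SWIFT;
	$record = &$arg[0];

	// Unread messages get the yellow icon, everything else the gray one.
	$statusicon = ($record["msgstatus"] == PRVMSG_UNREAD) ? "icon_msgsmallyellow.gif" : "icon_msgsmallgray.gif";

	// Ids are written into URLs and an inline onClick handler below; force them to
	// integers so nothing but digits can reach the markup.
	$messageid = intval($record["privatemessageid"]);
	$fromstaffid = intval($record["fromstaffid"]);

	$record["privatemessages.subject"] = '<table width="100%"  border="0" cellspacing="0" cellpadding="1"><tr><td width="1"><img src="'. $_SWIFT["themepath"] .$statusicon.'" border="0" /></td><td><span class="smalltext">&nbsp;<a href="index.php?_m=core&_a=viewprvmsg&privatemessageid='. $messageid .'&msgtype='. MSG_RECEIVED .'">'. htmlspecialchars($record["subject"]) .'</a></span></td></tr></table>';

	$record["privatemessages.dateline"] = edate($_SWIFT["settings"]["dt_datetimeformat"], $record["dateline"]);

	// The subject cell above is raw markup, so cell values evidently reach the page
	// unescaped. Escape the staff names the same way the message view does, and fall
	// back to an empty cell when the staff id is no longer in the cache.
	$record["privatemessages.fromstaffid"] = isset($_SWIFT["staffcache"][$record["fromstaffid"]]["fullname"]) ? htmlspecialchars($_SWIFT["staffcache"][$record["fromstaffid"]]["fullname"]) : "";
	$record["privatemessages.tostaffid"] = isset($_SWIFT["staffcache"][$record["tostaffid"]]["fullname"]) ? htmlspecialchars($_SWIFT["staffcache"][$record["tostaffid"]]["fullname"]) : "";

	// NOTE(review): the delete link issues a state-changing GET request; no anti-CSRF
	// token is added here -- confirm one is enforced elsewhere.
	$record["options"] = '<a href="index.php?_m=core&_a=composeprvmsg&privatemessageid='. $messageid .'&staffid='. $fromstaffid .'" title="'. $_SWIFT["language"]["reply"] .'"><img src="'. $_SWIFT["themepath"] .'icon_msgsmallreply.gif" border="0">&nbsp;'. $_SWIFT["language"]["reply"] .'</a>&nbsp;&nbsp;&nbsp;&nbsp;<a onClick="javascript:doConfirm(\''. $_SWIFT["language"]["actionconfirm"] .'\', \'index.php?_m=core&_a=privatemessages&do=delete&privatemessageid='. $messageid .'\');" href="#" title="'. $_SWIFT["language"]["delete"] .'"><img src="'. $_SWIFT["themepath"] .'icon_delete.gif" border="0">&nbsp;'. $_SWIFT["language"]["delete"] .'</a>&nbsp;';

	return $record;
}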

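/**
* Callback for sent private messages
*
* Registered as $options["callback"] for the sent-messages grid. Fills in the display
* cells (subject link, date, staff names, delete link) for one sent message.
*
* @param array $arg $arg[0] is the message row; $arg[1] (the field list) is not used
* @return array the message row with the display cells added
*/
function _sentPrivateMessageFields($arg)
{
	global $_SWIFT;
	$record = &$arg[0];

	// Unread messages get the yellow icon, everything else the gray one.
	$statusicon = ($record["msgstatus"] == PRVMSG_UNREAD) ? "icon_msgsmallyellow.gif" : "icon_msgsmallgray.gif";

	// The id is written into a URL and an inline onClick handler below; force it to an
	// integer so nothing but digits can reach the markup.
	$messageid = intval($record["privatemessageid"]);

	$record["privatemessages.subject"] = '<table width="100%"  border="0" cellspacing="0" cellpadding="1"><tr><td width="1"><img src="'. $_SWIFT["themepath"] .$statusicon.'" border="0" /></td><td><span class="smalltext">&nbsp;<a href="index.php?_m=core&_a=viewprvmsg&privatemessageid='. $messageid .'&msgtype='. MSG_SENT .'">'. htmlspecialchars($record["subject"]) .'</a></span></td></tr></table>';

	$record["privatemessages.dateline"] = edate($_SWIFT["settings"]["dt_datetimeformat"], $record["dateline"]);

	// The subject cell above is raw markup, so cell values evidently reach the page
	// unescaped. Escape the staff names the same way the message view does, and fall
	// back to an empty cell when the staff id is no longer in the cache.
	$record["privatemessages.fromstaffid"] = isset($_SWIFT["staffcache"][$record["fromstaffid"]]["fullname"]) ? htmlspecialchars($_SWIFT["staffcache"][$record["fromstaffid"]]["fullname"]) : "";
	$record["privatemessages.tostaffid"] = isset($_SWIFT["staffcache"][$record["tostaffid"]]["fullname"]) ? htmlspecialchars($_SWIFT["staffcache"][$record["tostaffid"]]["fullname"]) : "";

	// NOTE(review): the delete link issues a state-changing GET request; no anti-CSRF
	// token is added here -- confirm one is enforced elsewhere.
	$record["options"] = '<a onClick="javascript:doConfirm(\''. $_SWIFT["language"]["actionconfirm"] .'\', \'index.php?_m=core&_a=privatemessagessent&do=delete&privatemessageid='. $messageid .'\');" href="#" title="'. $_SWIFT["language"]["delete"] .'"><img src="'. $_SWIFT["themepath"] .'icon_delete.gif" border="0">&nbsp;'. $_SWIFT["language"]["delete"] .'</a>&nbsp;';

	return $record;
}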

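/**
* Deletes the private messages
*
* Mass-action callback (registered as $options["massaction"][0]["callback"]). Takes the
* selected ids from $_POST["itemid"] and passes them to deletePrivateMessages().
*
* @return bool|null false in demo mode; otherwise no value is returned
*/
function _maDeletePrivateMessages()
{
	global $_SWIFT;

	if ($_SWIFT["isdemo"] == true)
	{
		return false;
	}

	// The id list comes straight from the request: keep only scalar values that
	// convert to a positive integer. Nested arrays are dropped rather than cast,
	// because intval() of a non-empty array is 1.
	$messageids = array();
	if (isset($_POST["itemid"]) && is_array($_POST["itemid"]))
	{
		foreach ($_POST["itemid"] as $itemid)
		{
			if (is_scalar($itemid) && intval($itemid) > 0)
			{
				$messageids[] = intval($itemid);
			}
		}
	}

	// NOTE(review): deletePrivateMessages() is defined elsewhere; confirm it only
	// removes messages that belong to the logged-in staff member, and that the
	// mass-action form is protected against cross-site request forgery.
	if (count($messageids))
	{
		deletePrivateMessages($messageids);
	}
}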











/**
* ###############################################
* PRIVATE MESSAGES
* ###############################################
*/
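// Dispatch on $eventaction: inbox, sent list, compose form, single message view.
// NOTE(review): $infomessage and $errormessage are only assigned on some paths in this
// file before being printed; if the application imports request variables into the
// global scope they would be caller-supplied -- confirm they are reset before this
// module runs.
// NOTE(review): getPrivateMessage(), deletePrivateMessages() and sendPrivateMessage()
// are defined elsewhere. The message ids passed to them come from the request, so
// confirm those helpers restrict access to messages sent by or addressed to the
// logged-in staff member.
if ($eventaction == "privatemessages")
{
	if (isset($_GET["popupshow"]) && $_GET["popupshow"] == 1)
	{
		// This message was shown after clicking JS alert, we need to set a cookie for this
		$cookie->addCookie("staffsettings", "prvpopup", "1");
		$cookie->buildCookie("staffsettings");
	}

	// Single delete from the grid's "delete" link. The id is reduced to a positive
	// integer first; array values are rejected because intval() of a non-empty array is 1.
	// NOTE(review): this is a state-changing GET request and no anti-CSRF token is
	// checked here -- confirm one is enforced elsewhere.
	$_deleteid = (isset($_GET["privatemessageid"]) && is_scalar($_GET["privatemessageid"])) ? intval($_GET["privatemessageid"]) : 0;
	if (isset($_GET["do"]) && $_GET["do"] == "delete" && $_deleteid > 0 && $_SWIFT["isdemo"] != true)
	{
		$infomessage = $_SWIFT["language"]["prvmsgdelconfirm"];

		deletePrivateMessages(array($_deleteid));
	}

	$options["recordsperpage"] = "10";
	$options["sortby"] = "privatemessages.dateline";
	$options["sortorder"] = "desc";
	$options["massaction"][0]["title"] = $_SWIFT["language"]["delete"];
	$options["massaction"][0]["callback"] = "_maDeletePrivateMessages";

	$options["idname"] = "privatemessageid";
	$options["quicksearch"] = true;

	// $_searchstr and $_sortjoin sit inside single-quoted strings, so they are passed
	// on as literal placeholder text rather than interpolated here.
	// NOTE(review): presumably Grid substitutes them; confirm the search term is
	// escaped for SQL (including LIKE wildcards) at that point.
	$options["advancedsearch"][0]["title"] = $_SWIFT["language"]["subject"];
	$options["advancedsearch"][0]["query"] = 'SELECT * FROM `'. TABLE_PREFIX .'privatemessages` AS privatemessages WHERE privatemessages.tostaffid = \''. intval($_SWIFT["staff"]["staffid"]) .'\' AND privatemessages.msgtype = \''. PRVMSG_RECEIVED .'\' AND privatemessages.subject LIKE \'%$_searchstr%\' $_sortjoin;';

	$options["advancedsearch"][1]["title"] = $_SWIFT["language"]["contents"];
	$options["advancedsearch"][1]["query"] = 'SELECT * FROM `'. TABLE_PREFIX .'privatemessages` AS privatemessages LEFT JOIN `'. TABLE_PREFIX .'privatemessagedata` AS privatemessagedata ON (privatemessages.privatemessageid = privatemessagedata.privatemessageid) WHERE privatemessages.tostaffid = \''. intval($_SWIFT["staff"]["staffid"]) .'\' AND privatemessages.msgtype = \''. PRVMSG_RECEIVED .'\' AND privatemessagedata.contents LIKE \'%$_searchstr%\' $_sortjoin;';

	$options["callback"] = "_privateMessageFields";

	$fields[0]["name"] = "privatemessages.subject";
	$fields[0]["title"] = $_SWIFT["language"]["prvsubject"];
	$fields[0]["width"] = "";

	$fields[1]["name"] = "privatemessages.fromstaffid";
	$fields[1]["title"] = $_SWIFT["language"]["fromstaff"];
	$fields[1]["width"] = "180";
	$fields[1]["align"] = "center";

	$fields[2]["name"] = "privatemessages.dateline";
	$fields[2]["title"] = $_SWIFT["language"]["date"];
	$fields[2]["width"] = "150";
	$fields[2]["align"] = "center";

	$fields[3]["type"] = "custom";
	$fields[3]["name"] = "options";
	$fields[3]["title"] = $_SWIFT["language"]["options"];
	$fields[3]["width"] = "160";
	$fields[3]["align"] = "center";

	$grid = new Grid();

	$interface->staffHeader($_SWIFT["language"]["dashboard"]." &gt; ".$_SWIFT["language"]["privatemessages"], 1);

	$interface->staffNavBar('<a href="index.php?_m=core&_a=dashboard" title="'.$_SWIFT["language"]["dashboard"].'">'.$_SWIFT["language"]["dashboard"].'</a> &raquo; '.'<a href="index.php?_m=core&_a=privatemessages" title="'.$_SWIFT["language"]["privatemessages"].'">'.$_SWIFT["language"]["privatemessages"].'</a>', "", 1);

	printInfoBox($infomessage);
	printErrorBox($errormessage);

	// Arguments: grid id, title, list query, count query, quick-search query, columns, options.
	// Every query is scoped to the logged-in staff member through intval(staffid).
	$grid->start("inboxprvmsg", $_SWIFT["language"]["inbox"], 'SELECT * FROM `'. TABLE_PREFIX .'privatemessages` AS privatemessages WHERE privatemessages.tostaffid = \''. intval($_SWIFT["staff"]["staffid"]) .'\' AND privatemessages.msgtype = \''. PRVMSG_RECEIVED .'\' $_sortjoin;', 'SELECT COUNT(*) AS totalitems FROM `'. TABLE_PREFIX .'privatemessages` AS privatemessages WHERE privatemessages.tostaffid = \''. intval($_SWIFT["staff"]["staffid"]) .'\' AND privatemessages.msgtype = \''. PRVMSG_RECEIVED .'\';', 'SELECT * FROM `'. TABLE_PREFIX .'privatemessages` AS privatemessages WHERE privatemessages.tostaffid = \''. intval($_SWIFT["staff"]["staffid"]) .'\' AND privatemessages.msgtype = \''. PRVMSG_RECEIVED .'\' AND privatemessages.subject LIKE \'%$_searchstr%\' $_sortjoin;', $fields, $options);
	$grid->display("inboxprvmsg");

	echo '<BR /><span class="smalltext">'. $_SWIFT["language"]["legend"] .' <img src="'. $_SWIFT["themepath"] .'icon_msgsmallyellow.gif" border="0" /> '. $_SWIFT["language"]["unread"].'&nbsp;&nbsp;&nbsp; <img src="'. $_SWIFT["themepath"] .'icon_msgsmallgray.gif" border="0" /> '. $_SWIFT["language"]["read"] .'</span>';

	$interface->staffFooter();



/**
* ###############################################
* PRIVATE MESSAGES SENT
* ###############################################
*/
} else if ($eventaction == "privatemessagessent") {
	// Single delete from the grid's "delete" link; same id handling as the inbox.
	// NOTE(review): state-changing GET request with no anti-CSRF token checked here.
	$_deleteid = (isset($_GET["privatemessageid"]) && is_scalar($_GET["privatemessageid"])) ? intval($_GET["privatemessageid"]) : 0;
	if (isset($_GET["do"]) && $_GET["do"] == "delete" && $_deleteid > 0 && $_SWIFT["isdemo"] != true)
	{
		$infomessage = $_SWIFT["language"]["prvmsgdelconfirm"];

		deletePrivateMessages(array($_deleteid));
	}

	// "sentmsg" is the subject echoed back through the redirect URL, i.e. request data.
	// The compose branch escapes the subject before placing it into this same language
	// string, so the message is rendered as HTML and must be escaped here as well.
	if (isset($_GET["sentmsg"]) && is_string($_GET["sentmsg"]) && trim($_GET["sentmsg"]) != "")
	{
		$infomessage = sprintf($_SWIFT["language"]["msgsendconfirm"], htmlspecialchars($_GET["sentmsg"]));
	}

	$options["recordsperpage"] = "10";
	$options["sortby"] = "privatemessages.dateline";
	$options["sortorder"] = "desc";
	$options["massaction"][0]["title"] = $_SWIFT["language"]["delete"];
	$options["massaction"][0]["callback"] = "_maDeletePrivateMessages";

	$options["idname"] = "privatemessageid";
	$options["quicksearch"] = true;

	// $_searchstr and $_sortjoin are literal placeholders (single-quoted strings).
	// NOTE(review): confirm the code that substitutes them escapes the search term.
	$options["advancedsearch"][0]["title"] = $_SWIFT["language"]["subject"];
	$options["advancedsearch"][0]["query"] = 'SELECT * FROM `'. TABLE_PREFIX .'privatemessages` AS privatemessages WHERE privatemessages.fromstaffid = \''. intval($_SWIFT["staff"]["staffid"]) .'\' AND privatemessages.msgtype = \''. PRVMSG_SENT .'\' AND privatemessages.subject LIKE \'%$_searchstr%\' $_sortjoin;';

	$options["advancedsearch"][1]["title"] = $_SWIFT["language"]["contents"];
	$options["advancedsearch"][1]["query"] = 'SELECT * FROM `'. TABLE_PREFIX .'privatemessages` AS privatemessages LEFT JOIN `'. TABLE_PREFIX .'privatemessagedata` AS privatemessagedata ON (privatemessages.privatemessageid = privatemessagedata.privatemessageid) WHERE privatemessages.fromstaffid = \''. intval($_SWIFT["staff"]["staffid"]) .'\' AND privatemessages.msgtype = \''. PRVMSG_SENT .'\' AND privatemessagedata.contents LIKE \'%$_searchstr%\' $_sortjoin;';

	$options["callback"] = "_sentPrivateMessageFields";

	$fields[0]["name"] = "privatemessages.subject";
	$fields[0]["title"] = $_SWIFT["language"]["prvsubject"];
	$fields[0]["width"] = "";

	$fields[1]["name"] = "privatemessages.tostaffid";
	$fields[1]["title"] = $_SWIFT["language"]["tostaff"];
	$fields[1]["width"] = "180";
	$fields[1]["align"] = "center";

	$fields[2]["name"] = "privatemessages.dateline";
	$fields[2]["title"] = $_SWIFT["language"]["date"];
	$fields[2]["width"] = "150";
	$fields[2]["align"] = "center";

	$fields[3]["type"] = "custom";
	$fields[3]["name"] = "options";
	$fields[3]["title"] = $_SWIFT["language"]["options"];
	$fields[3]["width"] = "120";
	$fields[3]["align"] = "center";

	$grid = new Grid();

	$interface->staffHeader($_SWIFT["language"]["dashboard"]." &gt; ".$_SWIFT["language"]["privatemessages"]." &gt; ".$_SWIFT["language"]["sent"], 1);

	$interface->staffNavBar('<a href="index.php?_m=core&_a=dashboard" title="'.$_SWIFT["language"]["dashboard"].'">'.$_SWIFT["language"]["dashboard"].'</a> &raquo; '.'<a href="index.php?_m=core&_a=privatemessages" title="'.$_SWIFT["language"]["privatemessages"].'">'.$_SWIFT["language"]["privatemessages"].'</a> &raquo; '.'<a href="index.php?_m=core&_a=privatemessagessent" title="'.$_SWIFT["language"]["sent"].'">'.$_SWIFT["language"]["sent"].'</a>', "", 1);

	printInfoBox($infomessage);
	printErrorBox($errormessage);

	// Arguments: grid id, title, list query, count query, quick-search query, columns, options.
	$grid->start("sentprvmsg", $_SWIFT["language"]["sentmessages"], 'SELECT * FROM `'. TABLE_PREFIX .'privatemessages` AS privatemessages WHERE privatemessages.fromstaffid = \''. intval($_SWIFT["staff"]["staffid"]) .'\' AND privatemessages.msgtype = \''. PRVMSG_SENT .'\' $_sortjoin;', 'SELECT COUNT(*) AS totalitems FROM `'. TABLE_PREFIX .'privatemessages` AS privatemessages WHERE privatemessages.fromstaffid = \''. intval($_SWIFT["staff"]["staffid"]) .'\' AND privatemessages.msgtype = \''. PRVMSG_SENT .'\';', 'SELECT * FROM `'. TABLE_PREFIX .'privatemessages` AS privatemessages WHERE privatemessages.fromstaffid = \''. intval($_SWIFT["staff"]["staffid"]) .'\' AND privatemessages.msgtype = \''. PRVMSG_SENT .'\' AND privatemessages.subject LIKE \'%$_searchstr%\' $_sortjoin;', $fields, $options);
	$grid->display("sentprvmsg");

	$template->assign("backurl", "index.php?_m=core&_a=privatemessages");

	$interface->staffFooter();




/**
* ###############################################
* COMPOSE PRIVATE MESSAGE
* ###############################################
*/
} else if ($eventaction == "composeprvmsg") {
	// step == 1 means the form was submitted; otherwise only the form is rendered.
	if (isset($_POST["step"]) && $_POST["step"] == 1)
	{
		if (trim($_POST["subject"]) == "" || trim($_POST["contents"]) == "")
		{
			$errormessage = $_SWIFT["language"]["requiredfieldempty"];
		} else if (empty($_POST["staffid"]) || !is_array($_POST["staffid"])) {
			// The forms in this file always post staffid[] as an array; a missing or
			// scalar value is rejected instead of being handed to count().
			$errormessage = $_SWIFT["language"]["selectonestaff"];
		} else if ($_SWIFT["isdemo"] == true) {
			$errormessage = $_SWIFT["language"]["demomode"];
		} else {
			// NOTE(review): the recipient ids, subject and body are passed on as
			// received; confirm sendPrivateMessage() validates the staff ids and
			// escapes the text for SQL.
			sendPrivateMessage($_POST["staffid"], $_POST["subject"], $_POST["contents"]);

			printRedirect(sprintf($_SWIFT["language"]["msgsendconfirm"], htmlspecialchars($_POST["subject"])), "index.php?_m=core&_a=privatemessagessent&sentmsg=".urlencode($_POST["subject"]));
			exit;
		}
	}

	$interface->staffHeader($_SWIFT["language"]["dashboard"]." &gt; ".$_SWIFT["language"]["privatemessages"]." &gt; ".$_SWIFT["language"]["compose"], 1);

	$interface->staffNavBar('<a href="index.php?_m=core&_a=dashboard" title="'.$_SWIFT["language"]["dashboard"].'">'.$_SWIFT["language"]["dashboard"].'</a> &raquo; '.'<a href="index.php?_m=core&_a=privatemessages" title="'.$_SWIFT["language"]["privatemessages"].'">'.$_SWIFT["language"]["privatemessages"].'</a> &raquo; '.'<a href="index.php?_m=core&_a=composeprvmsg" title="'.$_SWIFT["language"]["compose"].'">'.$_SWIFT["language"]["compose"].'</a>', "", 1);

	printInfoBox($infomessage);
	printErrorBox($errormessage);

	printFormStart();
	printMainTableHeader($_SWIFT["language"]["msgdetails"]);

	printDescRow($_SWIFT["language"]["generalinformation"]);
	// NOTE(review): the posted subject is handed to printTextRow() unescaped; confirm
	// that helper escapes the value before writing it into the input field.
	printTextRow("subject", $_SWIFT["language"]["prvsubject"], $_SWIFT["language"]["desc_prvsubject"], "text", $_POST["subject"], 60);

	// Recipient list: preselect the staff member named in the URL, or the first entry
	// when none is given.
	$_options = array();
	$index = $isfirst = 0;
	foreach ($_SWIFT["staffcache"] as $key=>$val)
	{
		$_options[$index]["title"] = sprintf($_SWIFT["language"]["staffnameformat"], $val["fullname"], $val["username"]);
		$_options[$index]["value"] = $val["staffid"];
		if (($isfirst == 0 && empty($_GET["staffid"])) || ($_GET["staffid"] == $val["staffid"]))
		{
			$_options[$index]["selected"] = true;
			$isfirst = 1;
		}
		$index++;
	}
	printSelectMultipleRow("staffid", $_SWIFT["language"]["tostaff"], $_SWIFT["language"]["desc_tostaff"], $_options);


	// We need to quote this
	// The id of the message being replied to comes from the URL; reduce it to a
	// positive integer before the lookup.
	$_quoteid = (isset($_GET["privatemessageid"]) && is_scalar($_GET["privatemessageid"])) ? intval($_GET["privatemessageid"]) : 0;
	if ($_quoteid > 0)
	{
		$_privatemessage = getPrivateMessage($_quoteid);
		if (!empty($_privatemessage["contents"]) && empty($_POST["contents"]))
		{
			$_POST["contents"] = convertMessageToQuote($_privatemessage["contents"]);
			updateMessageReadStatus(array($_privatemessage["privatemessageid"]));
			rebuildPrivateMessageCache($_SWIFT["staff"]["staffid"]);
		}
	}

	printDescRow($_SWIFT["language"]["contents"]);
	$data = array();
	$data[0]["value"] = '<textarea style="WIDTH:100%;" name="contents" cols="100" rows="15">'. htmlspecialchars($_POST["contents"]) .'</textarea>'.SWIFT_CRLF;
	$data[0]["align"] = "center";
	$data[0]["colspan"] = "2";

	printDataRow($data);

	printSubmitRow($_SWIFT["language"]["sendmessage"]);
	printMainTableFooter();

	addHiddenField("_m", "core");
	addHiddenField("_a", "composeprvmsg");
	addHiddenField("step", "1");
	printFormEnd();

	$template->assign("backurl", "index.php?_m=core&_a=privatemessages");

	$interface->staffFooter();










/**
* ###############################################
* VIEW PRIVATE MESSAGE
* ###############################################
*/
} else if ($eventaction == "viewprvmsg") {
	// The message id comes from the URL; reduce it to a positive integer and treat
	// anything else as "not found".
	$_viewid = (isset($_GET["privatemessageid"]) && is_scalar($_GET["privatemessageid"])) ? intval($_GET["privatemessageid"]) : 0;
	$_privatemessage = ($_viewid > 0) ? getPrivateMessage($_viewid) : false;
	if (!$_privatemessage)
	{
		echo $_SWIFT["language"]["nopermissionmsg"];
		exit;
	}

	updateMessageReadStatus(array($_privatemessage["privatemessageid"]));

	$interface->staffHeader($_SWIFT["language"]["dashboard"]." &gt; ".$_SWIFT["language"]["privatemessages"]." &gt; ".$_SWIFT["language"]["viewmsg"], 1);

	$interface->staffNavBar('<a href="index.php?_m=core&_a=dashboard" title="'.$_SWIFT["language"]["dashboard"].'">'.$_SWIFT["language"]["dashboard"].'</a> &raquo; '.'<a href="index.php?_m=core&_a=privatemessages" title="'.$_SWIFT["language"]["privatemessages"].'">'.$_SWIFT["language"]["privatemessages"].'</a> &raquo; '.'<a href="index.php?_m=core&_a=viewprvmsg&privatemessageid='. intval($_privatemessage["privatemessageid"]) .'" title="'.$_SWIFT["language"]["viewmsg"].'">'.$_SWIFT["language"]["viewmsg"].'</a>', "", 1);

	printInfoBox($infomessage);
	printErrorBox($errormessage);

	printFormStart();
	printMainTableHeader($_SWIFT["language"]["msgdetails"]);

	// Stored message fields are escaped at output time.
	printDefaultDescRow($_SWIFT["language"]["prvsubject"], "", htmlspecialchars($_privatemessage["subject"]));
	if ($_GET["msgtype"] == MSG_RECEIVED)
	{
		printDefaultDescRow($_SWIFT["language"]["fromstaff"], "", htmlspecialchars($_SWIFT["staffcache"][$_privatemessage["fromstaffid"]]["fullname"]));
	} else if ($_GET["msgtype"] == MSG_SENT) {
		printDefaultDescRow($_SWIFT["language"]["tostaff"], "", htmlspecialchars($_SWIFT["staffcache"][$_privatemessage["tostaffid"]]["fullname"]));
	}
	
	printDefaultDescRow($_SWIFT["language"]["date"], "", edate($_SWIFT["settings"]["dt_datetimeformat"], $_privatemessage["dateline"]));

	printDescRow($_SWIFT["language"]["contents"]);
	$data = array();
	$data[0]["value"] = '<span class="mediumtext">'. nl2br(htmlspecialchars($_privatemessage["contents"])) .'</span>'.SWIFT_CRLF;
	$data[0]["align"] = "left";
	$data[0]["colspan"] = "2";

	printDataRow($data);

	// We need to quote this
	if (empty($_POST["contents"]))
	{
		$_POST["contents"] = convertMessageToQuote($_privatemessage["contents"]);
	}

	printDescRow($_SWIFT["language"]["reply"]);
	$data = array();
	$data[0]["value"] = '<textarea style="WIDTH:100%;" name="contents" cols="100" rows="15">'. htmlspecialchars($_POST["contents"]) .'</textarea>'.SWIFT_CRLF;
	$data[0]["align"] = "center";
	$data[0]["colspan"] = "2";

	printDataRow($data);

	printSubmitRow($_SWIFT["language"]["sendreply"]);
	printMainTableFooter();

	// The reply form posts to the compose handler.
	addHiddenField("_m", "core");
	addHiddenField("_a", "composeprvmsg");
	addHiddenField("step", "1");

	// Add the reply prefix only when the subject does not already start with it.
	if (substr($_privatemessage["subject"], 0, strlen($_SWIFT["language"]["subjectreplyprefix"])) != $_SWIFT["language"]["subjectreplyprefix"])
	{
		$replysubject = $_SWIFT["language"]["subjectreplyprefix"].$_privatemessage["subject"];
	} else {
		$replysubject = $_privatemessage["subject"];
	}
	// NOTE(review): the stored subject goes into a hidden field unescaped; confirm
	// addHiddenField() escapes the value for an HTML attribute.
	addHiddenField("subject", $replysubject);
	addHiddenField("staffid[]", $_privatemessage["fromstaffid"]);
	printFormEnd();

	$template->assign("backurl", "index.php?_m=core&_a=". iif($_GET["msgtype"]==MSG_RECEIVED, "privatemessages", "privatemessagessent"));

	$interface->staffFooter();
}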



?>